<?php

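/**
 * Account self-service controller: password change, address change, the
 * settings page markup, and loading a User from the `user_login` and
 * `user_profile` tables.
 *
 * The class talks to MySQL through the legacy mysql_* extension, so queries
 * are built as strings. Every value placed into a query is therefore escaped
 * (string context) or cast to int (numeric context) before concatenation.
 * NOTE(review): escaping is a stop-gap. Parameterised queries (mysqli or PDO
 * prepared statements) are the durable fix, but they require changing the
 * Connection class, which is not part of this file.
 *
 * NOTE(review): none of the methods check that the caller is allowed to act
 * on the given $user / $id. Presumably the calling page derives them from the
 * authenticated session; confirm against the callers.
 */
class UserController {

	/**
	 * Placeholder; not implemented in this file.
	 */
	public function insertUser(){

	}


	/**
	 * Placeholder; not implemented in this file.
	 */
	public function deleteUser(){

	}

	/**
	 * Change the password of $user and send a confirmation e-mail to every
	 * address stored in that user's profile rows.
	 *
	 * The outcome is reported through $_SESSION['success'] or
	 * $_SESSION['fail']; nothing is returned.
	 *
	 * @param string $user   Username whose password is changed.
	 * @param string $pass   New password.
	 * @param string $verify Repeated new password; must equal $pass.
	 */
	public function editUser($user, $pass, $verify){

		require_once("system/db/dbconnect.class.php");

		// Strict string comparison: with "==" two different numeric-looking
		// strings (for example "1e3" and "1000") compare as equal.
		if ((string)$pass !== (string)$verify) {
			$_SESSION['fail'] = "Your input passwords do not match";
			return;
		}

		// An empty password would otherwise be accepted and stored.
		if ((string)$pass === "") {
			$_SESSION['fail'] = "Your new password must not be empty";
			return;
		}

		// Constructed for its side effect: the mysql_* calls below use the
		// default link, which this appears to open. TODO confirm in Connection.
		$db = new Connection();

		// NOTE(review): unsalted MD5 is not a password hash. It is kept only
		// because the login check that reads this column lives outside this
		// file; migrate both sides to password_hash()/password_verify()
		// together.
		$secure = md5($pass);
		$safeUser = $this->sqlEscape($user);

		$update = "UPDATE `user_login` SET password = '".$secure."' WHERE `username` = '".$safeUser."'";

		// The new password is deliberately not repeated in the e-mail:
		// mail is stored and relayed in clear text.
		$message = "OCS Toolbox\nSuccess! Your password has been changed.";

		// No "or die()" here, so the failure message below is reachable and
		// the database error text is logged instead of shown to the visitor.
		$result = mysql_query($update);

		if (!$result) {
			error_log("UserController::editUser update failed: ".mysql_error());
			$_SESSION['fail'] = "An error occurred and your password was not changed";
			return;
		}

		$send = $this->runQuery("SELECT * FROM `user_login` WHERE `username` = '".$safeUser."'");
		while ($mail = mysql_fetch_array($send)) {

			// Values read back from the database are escaped as well before
			// they are placed into the next query.
			$getmail = $this->runQuery("SELECT * FROM `user_profile` WHERE `loginid` = '".$this->sqlEscape($mail['id'])."'");
			while ($mailarr = mysql_fetch_array($getmail)) {
				mail($mailarr['email'], "Password Change", $message);
			}

		}

		$_SESSION['success'] = "Your password has been successfully changed";

	}

	/**
	 * Update the postal address of $user and e-mail the new address to every
	 * address stored in that user's profile rows.
	 *
	 * @param string $user     Username whose address is changed.
	 * @param string $addone   Address line one.
	 * @param string $addtwo   Address line two.
	 * @param string $city     City.
	 * @param string $postcode Post code.
	 */
	public function editAddress($user, $addone, $addtwo, $city, $postcode){

		require_once("system/db/dbconnect.class.php");
		// Constructed for its side effect, see editUser().
		$db = new Connection();

		$getme = $this->runQuery("SELECT * FROM `user_login` WHERE `username` = '".$this->sqlEscape($user)."'");

		// The escaped copies are used for SQL only; the e-mail below carries
		// the values exactly as they were submitted.
		$sqlAddone = $this->sqlEscape($addone);
		$sqlAddtwo = $this->sqlEscape($addtwo);
		$sqlCity = $this->sqlEscape($city);
		$sqlPostcode = $this->sqlEscape($postcode);

		while ($getarr = mysql_fetch_array($getme)) {

			$loginId = $this->sqlEscape($getarr['id']);

			$change = "UPDATE `user_profile` SET address1 = '".$sqlAddone."', address2 = '".$sqlAddtwo."', city = '".$sqlCity."', postcode = '".$sqlPostcode."' WHERE `loginId` = '".$loginId."'";
			$result = $this->runQuery($change);

			if ($result) {

				$getmail = $this->runQuery("SELECT email FROM `user_profile` WHERE `loginId` = '".$loginId."'");
				while ($mailthis = mysql_fetch_array($getmail)) {
					mail($mailthis['email'], "Address Change", "OCS Toolbox\nYou have changed your address to:\n".$addone."\n".$addtwo."\n".$city."\n".$postcode);
				}

			}

		}

	}


	/**
	 * Echo the "change details" page: usage notes, a password form and an
	 * address form.
	 *
	 * NOTE(review): both forms post without an anti-CSRF token, and the
	 * password form does not ask for the current password. Both need support
	 * in the request handler, which is outside this file.
	 *
	 * @param string $user Username shown in the heading.
	 */
	public function displayUser($user){

		$html = "";

		// The username is HTML-escaped before it is written into the page, so
		// markup inside it is shown as text. The charset is left at PHP's
		// default; pass it explicitly once the site encoding is known.
		$html .= "<h1>Change details for ".htmlspecialchars((string)$user, ENT_QUOTES)."</h1>";

		$html .= "<ul class=\"accordion\">";

			$html .= "<li><a href=\"#howto\" class=\"accLink\">How to use</a>";
			$html .= "<div class=\"interior\">";
				$html .= "<b>Changing Your Password</b><br />\n";
				$html .= "To change your password simply enter your new password into the text box, then enter it again into the next one to confirm it, when that is done simply click 'Change' and your new password will be in use, you will receive an e-mail to confirm this if the password change has been successful<br /><br />";

				$html .= "<b>Changing Your Address</b><br />";
				$html .= "To change your address simply write the new address into the text boxes, ensure that everything is correct and then click the 'Change' button, you will receive an e-mail if the change has been successful.";
			$html .= "</div></li>";

			$html .= "<li><a href=\"#pass\" class=\"accLink\">Change Password</a>";
			$html .= "<div class=\"interior\">";

			// The form wraps the table (as the address form does) and the
			// cells are closed properly; the original markup left <td> open.
			$html .= "<form method=\"post\">\n";
				$html .= "<table>";
					$html .= "<tr><td>New Password:</td><td><input type=\"password\" name=\"password\" /></td></tr>\n";
					$html .= "<tr><td>Confirm:</td><td><input type=\"password\" name=\"verify\" /></td></tr>\n";
					$html .= "<tr><td><input type=\"submit\" name=\"submit\" value=\"Change\" /></td></tr>";
				$html .= "</table>";
			$html .= "</form>";

			$html .= "</div></li>";

			$html .= "<li><a href=\"#add\" class=\"accLink\">Change Address</a>";
				$html .= "<div class=\"interior\">";
				$html .= "<form method=\"post\">";
					$html .= "<table>";
						$html .= "<tr><td>Address Line One:</td><td><input type=\"text\" name=\"addone\" /></td></tr>";
						$html .= "<tr><td>Address Line Two:</td><td><input type=\"text\" name=\"addtwo\" /></td></tr>";
						$html .= "<tr><td>City:</td><td><input type=\"text\" name=\"city\" /></td></tr>";
						$html .= "<tr><td>Post Code:</td><td><input type=\"text\" name=\"postcode\" /></td></tr>";
						$html .= "<tr><td><input type=\"submit\" name=\"editadd\" value=\"Change\" /></td></tr>";
					$html .= "</table>";
				$html .= "</form>";
				$html .= "</div>";
			$html .= "</li>";

		$html .= "</ul>";

		echo $html;

	}

	/**
	 * Placeholder; not implemented in this file.
	 */
	public function displayAllUsers(){


	}

	/**
	 * Load the user whose login id is $id.
	 *
	 * @param int|string $id Login id; used as an integer.
	 * @return User
	 */
	public function getUser($id){
		// The id sits unquoted in the query, where string escaping gives no
		// protection, so it is forced to an integer.
		$sql = "SELECT * FROM user_profile, user_login WHERE user_login.id = ".(int)$id." AND user_profile.loginId = user_login.id;";
		return $this->grabTheUser($sql);
	}

	/**
	 * Load the user with the given username.
	 *
	 * @param string $username
	 * @return User
	 */
	public function getUserWithUsername($username){
		// Escaping needs an open link, so the connection is set up before the
		// query is built (grabTheUser() constructs its own Connection again).
		require_once("db/dbconnect.class.php");
		$db = new Connection();

		$sql = "SELECT * FROM user_profile, user_login WHERE user_login.username = '".$this->sqlEscape($username)."' AND user_login.id = user_profile.loginId;";
		return $this->grabTheUser($sql);
	}




	/**
	 * Run $sqlFromFunction and copy the first result row into a new User.
	 *
	 * The SQL is executed as given. Callers must pass only statements whose
	 * variable parts were escaped or cast beforehand; never pass request data
	 * through this method directly.
	 *
	 * NOTE(review): when the query returns no row, mysql_fetch_object() gives
	 * false and every setter below receives null (with PHP notices). Callers
	 * that need to tell "not found" apart should check the login id.
	 *
	 * @param string $sqlFromFunction Complete SELECT statement.
	 * @return User
	 */
	public function grabTheUser($sqlFromFunction){
		require_once("db/dbconnect.class.php");
		$db = new Connection();
		$res = $db->selectQuery($sqlFromFunction);

		require_once("users/user.class.php");
		$user = new User();

		$userObject = mysql_fetch_object($res);

		$user->setLoginId($userObject->id);
		$user->setAddress1($userObject->address1);
		$user->setAddress2($userObject->address2);
		$user->setCity($userObject->city);
		$user->setPostcode($userObject->postcode);
		$user->setEmail($userObject->email);
		$user->setLob($userObject->lob);
		$user->setOpsManager($userObject->opsManager);
		$user->setOpsEmail($userObject->opsEmail);
		$user->setTemplateChosen($userObject->templateChosen);
		$user->setLogo($userObject->logo);
		$user->setCoffee($userObject->coffee);
		$user->setOrdered($userObject->ordered);
		$user->setUsername($userObject->username);
		$user->setaccessLevel($userObject->accessLevel);
		$user->setRealName($userObject->realName);
		$user->setFirstname($userObject->firstname);
		$user->setLastname($userObject->lastname);
		$user->setLastlogged($userObject->lastlogged);
		$user->setLoggedInAmount($userObject->loggedInAmount);

		return $user;

	}

	/**
	 * Escape a value for use inside a quoted MySQL string literal.
	 *
	 * Needs an open mysql link. NOTE(review): the result is only reliable
	 * when the link's character set was set with mysql_set_charset(); verify
	 * in the Connection class.
	 *
	 * @param mixed $value
	 * @return string
	 */
	private function sqlEscape($value){
		$escaped = mysql_real_escape_string((string)$value);
		if ($escaped === false) {
			// Never fall back to the raw value.
			$this->databaseFailure("escaping failed");
		}
		return $escaped;
	}

	/**
	 * Run a query on the default link and stop the request if it fails.
	 *
	 * @param string $sql Statement whose variable parts are already escaped.
	 * @return resource|bool Result of mysql_query().
	 */
	private function runQuery($sql){
		$result = mysql_query($sql);
		if ($result === false) {
			$this->databaseFailure("query failed");
		}
		return $result;
	}

	/**
	 * Log the database error on the server and end the request with a generic
	 * message, so table and column names are not disclosed to the visitor.
	 *
	 * @param string $what Short description for the log entry.
	 */
	private function databaseFailure($what){
		error_log("UserController ".$what.": ".mysql_error());
		die("A database error occurred.");
	}

}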


?>